4 matches found
CVE-2026-36609
Mercusys AC12G EU V1 router with firmware AC12GEUV1200909 uses a static authentication nonce that does not change between requests from the same source IP. Combined with the predictable XOR-based password encoding securityEncode function, this allows an attacker to reverse captured authentication...
CVE-2026-36609
Mercusys AC12G EU V1 router with firmware AC12GEUV1200909 uses a static authentication nonce that does not change between requests from the same source IP. Combined with the predictable XOR-based password encoding securityEncode function, this allows an attacker to reverse captured authentication...
EUVD-2026-34148
Mercusys AC12G EU V1 router with firmware AC12GEUV1200909 uses a static authentication nonce that does not change between requests from the same source IP. Combined with the predictable XOR-based password encoding securityEncode function, this allows an attacker to reverse captured authentication...
linksys-WET11_pass-reset.txt
================== =====Analysis===== ================== Cisco's Linksys WET11 ethernet bridge product is vulnerable to password resetting based on GET fields in a URL directed at the device. The change password utility provided on the device uses GET to send an obfuscated password as the argumen...